From 8bcde87172636123f4711c494731eb42ca70b626 Mon Sep 17 00:00:00 2001 From: Arnob kumar saha Date: Fri, 6 Dec 2024 15:51:04 +0600 Subject: [PATCH] Run DBs in openshift cluster Signed-off-by: Arnob kumar saha --- kafka/openshift/kafka-combined.yaml | 64 +++++++++ kafka/openshift/kafka-dedicated.yaml | 96 ++++++++++++++ mariadb/openshift/mariadb.yaml | 83 ++++++++++++ mongodb/openshift/replicaset.yaml | 85 ++++++++++++ mongodb/openshift/shard.yaml | 172 +++++++++++++++++++++++++ mongodb/openshift/standalone.yaml | 82 ++++++++++++ mysql/openshift/group-replication.yaml | 85 ++++++++++++ postgres/openshift/postgres.yaml | 83 ++++++++++++ redis/openshift/cluster.yaml | 75 +++++++++++ redis/openshift/sentinel.yaml | 147 +++++++++++++++++++++ 10 files changed, 972 insertions(+) create mode 100644 kafka/openshift/kafka-combined.yaml create mode 100644 kafka/openshift/kafka-dedicated.yaml create mode 100644 mariadb/openshift/mariadb.yaml create mode 100644 mongodb/openshift/replicaset.yaml create mode 100644 mongodb/openshift/shard.yaml create mode 100644 mongodb/openshift/standalone.yaml create mode 100644 mysql/openshift/group-replication.yaml create mode 100644 postgres/openshift/postgres.yaml create mode 100644 redis/openshift/cluster.yaml create mode 100644 redis/openshift/sentinel.yaml diff --git a/kafka/openshift/kafka-combined.yaml b/kafka/openshift/kafka-combined.yaml new file mode 100644 index 0000000..8ec5ecb --- /dev/null +++ b/kafka/openshift/kafka-combined.yaml @@ -0,0 +1,64 @@ +apiVersion: kubedb.com/v1 +kind: Kafka +metadata: + labels: + app.kubernetes.io/instance: kf-combined + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kafkas.kubedb.com + name: kf-combined + namespace: demo +spec: + deletionPolicy: WipeOut + monitor: + agent: prometheus.io/operator + prometheus: + exporter: + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + serviceMonitor: + interval: 30s + labels: + release: kube-prometheus-stack + podTemplate: + spec: + securityContext: + fsGroup: 1000650000 + containers: + - name: kafka + resources: + limits: + memory: 1Gi + requests: + cpu: 500m + memory: 1Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + replicas: 2 + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi + storageType: Durable + version: 3.6.1 diff --git a/kafka/openshift/kafka-dedicated.yaml b/kafka/openshift/kafka-dedicated.yaml new file mode 100644 index 0000000..70b898b --- /dev/null +++ b/kafka/openshift/kafka-dedicated.yaml @@ -0,0 +1,96 @@ +apiVersion: kubedb.com/v1 +kind: Kafka +metadata: + labels: + app.kubernetes.io/instance: kf-dedicated + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kafkas.kubedb.com + name: kf-dedicated + namespace: demo +spec: + deletionPolicy: WipeOut + monitor: + agent: prometheus.io/operator + prometheus: + exporter: + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + serviceMonitor: + interval: 30s + labels: + release: kube-prometheus-stack + storageType: Durable + topology: + broker: + podTemplate: + spec: + securityContext: + fsGroup: 1000650000 + containers: + - name: kafka + resources: + limits: + memory: 1Gi + requests: + cpu: 500m + memory: 1Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + replicas: 2 + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + controller: + podTemplate: + spec: + securityContext: + fsGroup: 1000650000 + containers: + - name: kafka + resources: + limits: + memory: 1Gi + requests: + cpu: 500m + memory: 1Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + replicas: 2 + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + version: 3.6.1 diff --git a/mariadb/openshift/mariadb.yaml b/mariadb/openshift/mariadb.yaml new file mode 100644 index 0000000..ddb962b --- /dev/null +++ b/mariadb/openshift/mariadb.yaml @@ -0,0 +1,83 @@ +apiVersion: kubedb.com/v1 +kind: MariaDB +metadata: + name: md-test + namespace: demo +spec: + deletionPolicy: WipeOut + monitor: + agent: prometheus.io/operator + prometheus: + exporter: + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + serviceMonitor: + interval: 30s + labels: + release: kube-prometheus-stack + podTemplate: + spec: + securityContext: + fsGroup: 1000650000 + containers: + - name: mariadb + resources: + limits: + memory: 1Gi + requests: + cpu: 500m + memory: 1Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + - name: md-coordinator + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + initContainers: + - name: mariadb-init + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + replicas: 3 + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi + storageType: Durable + version: 11.2.2 diff --git a/mongodb/openshift/replicaset.yaml b/mongodb/openshift/replicaset.yaml new file mode 100644 index 0000000..8900a4e --- /dev/null +++ b/mongodb/openshift/replicaset.yaml @@ -0,0 +1,85 @@ +apiVersion: kubedb.com/v1 +kind: MongoDB +metadata: + name: mg7 + namespace: demo +spec: + version: "7.0.8" + replicas: 3 + storageType: Durable + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + replicaSet: + name: rs0 + podTemplate: + spec: + securityContext: + fsGroup: 1000650000 + containers: + - name: mongodb + resources: + requests: + cpu: 700m + memory: 1Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + - name: replication-mode-detector + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + initContainers: + - name: copy-config + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + deletionPolicy: WipeOut + monitor: + agent: prometheus.io/operator + prometheus: + exporter: + args: + - --compatible-mode + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + serviceMonitor: + interval: 30s + labels: + {} diff --git a/mongodb/openshift/shard.yaml b/mongodb/openshift/shard.yaml new file mode 100644 index 0000000..45ad538 --- /dev/null +++ b/mongodb/openshift/shard.yaml @@ -0,0 +1,172 @@ +apiVersion: kubedb.com/v1 +kind: MongoDB +metadata: + name: test + namespace: demo +spec: + deletionPolicy: WipeOut + monitor: + agent: prometheus.io/operator + prometheus: + exporter: + args: + - --compatible-mode + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + serviceMonitor: + interval: 30s + labels: + {} + shardTopology: + configServer: + podTemplate: + spec: + securityContext: + fsGroup: 1000650000 + containers: + - name: mongodb + resources: + limits: + memory: 1Gi + requests: + cpu: 800m + memory: 1Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + - name: replication-mode-detector + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + initContainers: + - name: copy-config + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + replicas: 3 + storage: + resources: + requests: + storage: 2Gi + mongos: + podTemplate: + spec: + securityContext: + fsGroup: 1000650000 + containers: + - name: mongodb + resources: + limits: + memory: 1Gi + requests: + cpu: 500m + memory: 1Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + initContainers: + - name: copy-config + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + replicas: 2 + shard: + podTemplate: + spec: + securityContext: + fsGroup: 1000650000 + containers: + - name: mongodb + resources: + limits: + memory: 1Gi + requests: + cpu: 900m + memory: 1Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + - name: replication-mode-detector + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + initContainers: + - name: copy-config + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + replicas: 3 + shards: 2 + storage: + resources: + requests: + storage: 2Gi + version: 4.4.26 diff --git a/mongodb/openshift/standalone.yaml b/mongodb/openshift/standalone.yaml new file mode 100644 index 0000000..5fa6f50 --- /dev/null +++ b/mongodb/openshift/standalone.yaml @@ -0,0 +1,82 @@ +apiVersion: kubedb.com/v1 +kind: MongoDB +metadata: + name: mg6 + namespace: demo +spec: + version: "6.0.12" + storageType: Durable + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + podTemplate: + spec: + securityContext: + fsGroup: 1000650000 + containers: + - name: mongodb + resources: + requests: + cpu: 700m + memory: 1Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + - name: replication-mode-detector + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + initContainers: + - name: copy-config + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + deletionPolicy: WipeOut + monitor: + agent: prometheus.io/operator + prometheus: + exporter: + args: + - --compatible-mode + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + serviceMonitor: + interval: 30s + labels: + {} diff --git a/mysql/openshift/group-replication.yaml b/mysql/openshift/group-replication.yaml new file mode 100644 index 0000000..35803d7 --- /dev/null +++ b/mysql/openshift/group-replication.yaml @@ -0,0 +1,85 @@ +apiVersion: kubedb.com/v1 +kind: MySQL +metadata: + name: group + namespace: demo +spec: + deletionPolicy: WipeOut + monitor: + agent: prometheus.io/operator + prometheus: + exporter: + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + serviceMonitor: + interval: 30s + labels: + release: kube-prometheus-stack + podTemplate: + spec: + securityContext: + fsGroup: 1000650000 + containers: + - name: mysql + resources: + limits: + memory: 1Gi + requests: + cpu: 500m + memory: 1Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + - name: mysql-coordinator + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + initContainers: + - name: mysql-init + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + replicas: 3 + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi + storageType: Durable + topology: + mode: GroupReplication + version: 8.4.2 diff --git a/postgres/openshift/postgres.yaml b/postgres/openshift/postgres.yaml new file mode 100644 index 0000000..7c65e7b --- /dev/null +++ b/postgres/openshift/postgres.yaml @@ -0,0 +1,83 @@ +apiVersion: kubedb.com/v1 +kind: Postgres +metadata: + name: pg16 + namespace: demo +spec: + deletionPolicy: WipeOut + monitor: + agent: prometheus.io/operator + prometheus: + exporter: + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + serviceMonitor: + interval: 30s + labels: + release: kube-prometheus-stack + podTemplate: + spec: + securityContext: + fsGroup: 1000650000 + containers: + - name: postgres + resources: + limits: + memory: 1Gi + requests: + cpu: 500m + memory: 1Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + - name: pg-coordinator + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + initContainers: + - name: postgres-init-container + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + replicas: 3 + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi + storageType: Durable + version: "16.4-bookworm" diff --git a/redis/openshift/cluster.yaml b/redis/openshift/cluster.yaml new file mode 100644 index 0000000..c5109eb --- /dev/null +++ b/redis/openshift/cluster.yaml @@ -0,0 +1,75 @@ +apiVersion: kubedb.com/v1 +kind: Redis +metadata: + name: rdc + namespace: demo +spec: + cluster: + master: 3 + replicas: 2 + deletionPolicy: WipeOut + mode: Cluster + monitor: + agent: prometheus.io/operator + prometheus: + exporter: + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + serviceMonitor: + interval: 30s + labels: + release: kube-prometheus-stack + podTemplate: + spec: + securityContext: + fsGroup: 1000650000 + containers: + - name: redis + resources: + limits: + memory: 1Gi + requests: + cpu: 500m + memory: 1Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + initContainers: + - name: redis-init + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi + storageType: Durable + version: 7.4.0 diff --git a/redis/openshift/sentinel.yaml b/redis/openshift/sentinel.yaml new file mode 100644 index 0000000..f56b3b6 --- /dev/null +++ b/redis/openshift/sentinel.yaml @@ -0,0 +1,147 @@ +apiVersion: kubedb.com/v1 +kind: RedisSentinel +metadata: + labels: + app.kubernetes.io/instance: rdc + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: redises.kubedb.com + name: rdc-sentinel + namespace: demo +spec: + deletionPolicy: WipeOut + replicas: 3 + podTemplate: + spec: + securityContext: + fsGroup: 1000650000 + containers: + - name: redissentinel + resources: + limits: + memory: 1Gi + requests: + cpu: 500m + memory: 1Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + initContainers: + - name: sentinel-init + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + storageType: Durable + version: 7.4.0 +--- + + + + + + +apiVersion: kubedb.com/v1 +kind: Redis +metadata: + name: rds + namespace: demo +spec: + sentinelRef: + name: rdc-sentinel + namespace: demo + deletionPolicy: WipeOut + mode: Sentinel + monitor: + agent: prometheus.io/operator + prometheus: + exporter: + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + serviceMonitor: + interval: 30s + labels: + release: kube-prometheus-stack + podTemplate: + spec: + securityContext: + fsGroup: 1000650000 + containers: + - name: redis + resources: + limits: + memory: 1Gi + requests: + cpu: 500m + memory: 1Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + - name: rd-coordinator + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + initContainers: + - name: redis-init + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000650000 + seccompProfile: + type: RuntimeDefault + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi + storageType: Durable + version: 7.4.0